Total
4085 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59704 | 1 Entrust | 11 Nshield 5c, Nshield 5c Firmware, Nshield Connect Xc and 8 more | 2026-01-06 | 7.8 High |
| Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password. | ||||
| CVE-2025-11625 | 1 Wolfssh | 1 Wolfssh | 2026-01-06 | 9.8 Critical |
| Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials. | ||||
| CVE-2025-68926 | 1 Rustfs | 1 Rustfs | 2026-01-05 | 9.8 Critical |
| RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token `"rustfs rpc"` that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable with no mechanism for token rotation, and universally valid across all RustFS deployments. Any attacker with network access to the gRPC port can authenticate using this publicly known token and execute privileged operations including data destruction, policy manipulation, and cluster configuration changes. Version 1.0.0-alpha.78 contains a fix for the issue. | ||||
| CVE-2024-47659 | 1 Linux | 1 Linux Kernel | 2026-01-05 | 8.8 High |
| In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always gets 'foo' in returned ipv4 packets. So, 1) returned packets are incorrectly labeled ('foo' instead of 'bar') 2) 'bar' can write to 'foo' without being authorized to write. Here is a scenario how to see this: * Take two machines, let's call them C and S, with active Smack in the default state (no settings, no rules, no labeled hosts, only builtin labels) * At S, add Smack rule 'foo bar w' (labels 'foo' and 'bar' are instantiated at S at this moment) * At S, at label 'bar', launch a program that listens for incoming tcp/ipv4 connections * From C, at label 'foo', connect to the listener at S. (label 'foo' is instantiated at C at this moment) Connection succeedes and works. * Send some data in both directions. * Collect network traffic of this connection. All packets in both directions are labeled with the CIPSO of the label 'foo'. Hence, label 'bar' writes to 'foo' without being authorized, and even without ever being known at C. If anybody cares: exactly the same happens with DCCP. This behavior 1st manifested in release 2.6.29.4 (see Fixes below) and it looks unintentional. At least, no explanation was provided. I changed returned packes label into the 'bar', to bring it into line with the Smack documentation claims. | ||||
| CVE-2024-24554 | 1 Bludit | 1 Bludit | 2026-01-02 | 8.2 High |
| Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API. | ||||
| CVE-2025-59280 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2026-01-02 | 3.1 Low |
| Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network. | ||||
| CVE-2025-55340 | 1 Microsoft | 21 Remote Desktop Protocol, Windows, Windows 10 and 18 more | 2026-01-02 | 7 High |
| Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2025-66022 | 2 Factionsecurity, Owasp | 2 Faction, Faction | 2026-01-02 | 9.7 Critical |
| FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to version 1.7.1, an extension execution path in Faction’s extension framework permits untrusted extension code to execute arbitrary system commands on the server when a lifecycle hook is invoked, resulting in remote code execution (RCE) on the host running Faction. Due to a missing authentication check on the /portal/AppStoreDashboard endpoint, an attacker can access the extension management UI and upload a malicious extension without any authentication, making this vulnerability exploitable by unauthenticated users. This issue has been patched in version 1.7.1. | ||||
| CVE-2025-65925 | 2026-01-02 | 6.5 Medium | ||
| An issue was discovered in Zeroheight (SaaS) prior to 2025-06-13. A legacy user creation API pathway allowed accounts to be created without completing the intended email verification step. While unverified accounts could not access product functionality, the behavior bypassed intended verification controls and allowed unintended account creation. This could have enabled spam/fake account creation or resource usage impact. No data exposure or unauthorized access to existing accounts was reported. | ||||
| CVE-2025-14908 | 1 Jeecg | 2 Jeecg Boot, Jeecgboot | 2025-12-30 | 6.3 Medium |
| A security flaw has been discovered in JeecgBoot up to 3.9.0. The affected element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java of the component Multi-Tenant Management Module. Performing manipulation of the argument ID results in improper authentication. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The patch is named e1c8f00bf2a2e0edddbaa8119afe1dc92d9dc1d2/67795493bdc579e489d3ab12e52a1793c4f8a0ee. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2025-9803 | 2 Lunary, Lunary-ai | 2 Lunary, Lunary | 2025-12-30 | 8.8 High |
| lunary-ai/lunary version 1.9.34 is vulnerable to an account takeover due to improper authentication in the Google OAuth integration. The application fails to verify the 'aud' (audience) field in the access token issued by Google, which is crucial for ensuring the token is intended for the application. This oversight allows attackers to use tokens issued to malicious applications to gain unauthorized access to user accounts. The issue is resolved in version 1.9.35. | ||||
| CVE-2025-15097 | 1 Alteryx | 1 Alteryx Server | 2025-12-29 | 7.3 High |
| A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Upgrading to version 2023.1.1.13.486, 2023.2.1.10.293, 2024.1.1.9.236, 2024.2.1.6.125 and 2025.1.1.1.31 can resolve this issue. Upgrading the affected component is recommended. | ||||
| CVE-2025-15099 | 1 Simstudioai | 1 Sim | 2025-12-29 | 7.3 High |
| A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNAL_API_SECRET leads to improper authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The identifier of the patch is e359dc2946b12ed5e45a0ec9c95ecf91bd18502a. Applying a patch is the recommended action to fix this issue. | ||||
| CVE-2025-61922 | 2 Prestashop, Prestashopcorp | 3 Prestashop, Prestashop Checkout, Checkout | 2025-12-29 | 9.1 Critical |
| PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. Starting in version 1.3.0 and prior to versions 4.4.1 and 5.0.5, missing validation on the Express Checkout feature allows silent login, enabling account takeover via email. The vulnerability is fixed in versions 4.4.1 and 5.0.5. No known workarounds exist. | ||||
| CVE-2025-15135 | 2025-12-29 | 6.3 Medium | ||
| A weakness has been identified in joey-zhou xiaozhi-esp32-server-java up to 3.0.0. This impacts the function tryAuthenticateWithCookies of the file AuthenticationInterceptor.java of the component Cookie Handler. Executing manipulation can lead to improper authentication. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. Upgrading to version 4.0.0 will fix this issue. It is recommended to upgrade the affected component. | ||||
| CVE-2023-52210 | 2 Tychesoftwares, Wordpress | 2 Product Delivery Date For Woocommerce Lite, Wordpress | 2025-12-23 | 5.3 Medium |
| Vulnerability in Tyche softwares Product Delivery Date for WooCommerce – Lite.This issue affects Product Delivery Date for WooCommerce – Lite: from n/a through 2.7.0. | ||||
| CVE-2025-66174 | 1 Hikvision | 4 Ds-7104hghi-f1, Ds-7104hghi-f1 Firmware, Ds-7204hghi-f1 and 1 more | 2025-12-23 | 6.5 Medium |
| There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands. | ||||
| CVE-2025-55241 | 1 Microsoft | 2 Entra Id, Microsoft Entra Id | 2025-12-23 | 10 Critical |
| Azure Entra ID Elevation of Privilege Vulnerability | ||||
| CVE-2025-65431 | 2 Allauth, Django-allauth Project | 2 Allauth, Django-allauth | 2025-12-23 | 5.4 Medium |
| An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead. | ||||
| CVE-2025-14703 | 2 Sgwbox, Shiguangwu | 2 N3 Nas, Sgwbox N3 | 2025-12-23 | 5.3 Medium |
| A vulnerability has been found in Shiguangwu sgwbox N3 2.0.25. The affected element is an unknown function of the file /fsnotify of the component POST Message Handler. The manipulation of the argument token leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||